Jump to content

Registration is Now Open! For Serious Reverse Engineers Only

If You are Interested to Join Us, Send Us Your Details with References to Your Work

Spoiler

Contact: Team-IRA [at ] protonmail [dot]  com

 

TechLord

Reversing WannaCry Part 1 - Finding the killswitch and unpacking the malware

Recommended Posts

TechLord

In this first video of the "Reversing WannaCry" series we will look at the infamous killswitch and the installation and unpacking procedure of WannaCry.

Get sample here:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

Pw for sample: ghidra.ninja

 

 

  • Like 2

Share this post


Link to post
TechLord

Part two of the tutorial:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

In the second video of the "Reversing WannaCry" series we continue to dive into the malware and find some encrypted components and the first traces of the decryption & encryption functionality of the ransomware. We also learn how to use OOAnalyzer to easily reverse engineer C++ code in Ghidra!

The scripts and Ghidra projects can be found here:

Quote

Hidden Content

    Give reaction to this post to see the hidden content.

 

  • Thumbs Up 1

Share this post


Link to post
×
×
  • Create New...